I have my OAuth login and callback methods in my API for Facebook,Google,Twitter.
It is an expresss app running on port 3000.
I have another angular 2 application running on port 4200. I am trying to call the
express api url through http get. It is throwing me the CORS error.
No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘null’ is therefore not allowed access.
cross-Origin Read Blocking (CORB) blocked cross-origin response with mime type text/html
3
Answers
CORS exists to protect your server from unwanted external AJAX requests. You need to actively enabled CORS on your server in order to use it.
Since you didn’t specify your server type, here’s how to do it on IIS and here’s how to do it on Apache. If you use a different type of server, you should look for ‘Enable CORS’ on that specific server type.
The best practice would be to ONLY allow CORS for the domains you want to open up to, and not allow everything (
*
), since this would increase the potential vulnerability of your server.Use ExpressJS CORS middleware to allow cross-origin request (CORS explained here)
https://github.com/expressjs/cors
Most of the time, the simplest way to fix the issue is to update the server. Most of server-side technologies provide support to configure CORS quickly. For example, with Node and ExpressJS, it only consists of installing the CORS middleware and using it when initializing the Express application:
For Further details refer the below Link:
http://restlet.com/company/blog/2016/09/27/how-to-fix-cors-problems/
About CORS,Please refer the below link i found Usefull:
https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS